WhenU Awareness, One Year Later

Since March 2004, PC Pitstop has been surveying WhenU users about their installation experience with WhenU products. Our first report on this data was published in April 2004, and it validated our anecdotal experience that very few users knowingly consent to installing WhenU.

One year since that original survey, WhenU claims that they have made major improvements to the installation experience and cleaned up issues they blamed on affiliates. In addition, Microsoft released the Service Pack 2 update for Windows XP (“XP SP2” for short). This update made significant changes to the ActiveX installation process and made it more difficult to trick users into installing spyware and adware. Our data seems to show that both of these factors have affected WhenU’s business, perhaps in ways that even WhenU did not anticipate.

XP SP2 Takes Off

In August 2004, Microsoft released Windows XP Service Pack 2 as a free upgrade for XP users. Its numerous security enhancements include a popup blocker, better ActiveX security, improved firewall, and a new Windows Security Center that encourages the use of antivirus technology. With the advent of Windows XP, Microsoft also strongly encourages the use of Windows Update AutoUpdate, which greatly facilitates the installation of upgrades such as XP SP2. Although AutoUpdate was present in earlier versions of XP, the new Security Center reminds users to turn it on and actually use it.

Latest Spyware Research
Check out the latest trends in spyware and other important PC trends in our research section.

Thanks to a high-profile launch by Microsoft, distribution through Windows Update, and generally favorable reviews in the computer press, Windows XP SP2 has quickly become the most popular version of Windows tested at PC Pitstop. (In an ironic twist, Microsoft identified TV Media adware as one reason why XP SP2 might fail to install.) The XP SP2 growth rate easily exceeded that of any other version of Windows tracked since PC Pitstop opened in March 2000, which is especially impressive considering the growth of the PC installed base during that period.

The Impact of XP SP2

Most adware and spyware eventually makes itself known to the user, either directly (through pop-up windows and other advertising) or indirectly (as abnormal system behavior or sluggish performance). Either way, the user’s solution is usually to remove the adware or spyware that is the source of the problems. That makes installation rates–the process of finding “fresh meat”–so important to adware and spyware makers.

XP SP2 closes many of the security holes and exploits that adware and spyware uses to force itself onto computers. This is squeezing many adware and spyware companies such as WhenU that have benefited from these security holes, reducing the installation rates significantly. PC Pitstop’s statistics on WhenU’s installed base bear that out:

The methodology used to collect this data is documented in our April 2004 report. Over the past year, the number of systems tested that had WhenU installed dropped by two-thirds. Although the general downward trend is visible throughout the year, it clearly accelerates in August 2004 with the release of XP SP2. Beginning in August, the graph breaks out XP SP2 systems from all other systems to show its protective effects.

Other Factors

WhenU’s ability to grow its installed base has also been affected by the music industry’s crackdown on file swapping using peer-to-peer (P2P) networks. All during 2004, the national press was filled with stories of music industry lawsuits against file swappers. This reduced the demand for file sharing programs such as Bearshare, which bundles WhenU as part of its payload.

In the past, WhenU has freely admitted that the uninstall rate for their software is about 70 percent, and the actual number might now be higher. An increased awareness of adware and spyware in the general press, even in national news at times, may have actually increased uninstall rates among the average computer user during this period. The availability of free spyware removal tools from companies such as Microsoft, America Online and Yahoo could also have contributed to the decline.

Perhaps WhenU could find some solace in the uptick of popularity that seemed to occur in November 2004; could it be due to an effective advertising campaign or a positive mention in the press that increased the downloads of WhenU applications? Unfortunately for WhenU, the answer is much more sinister.

In mid-November,a major security exploit began to spread, and one of the items in its payload was WhenU’s software. If WhenU is indeed vigilant in cleaning up these rogue affiliates, it would seem to mean an even smaller installed base.

Unawareness Rates

At the end of the day, the most important issue is whether users were actively giving consent to the installation of the WhenU software. Were they aware WhenU was being installed, and if so did they read enough to have any idea of its purpose and license terms? Our survey consistently shows that the majority of users did neither:

We asked a single question to the user about their experience installing the WhenU software, and the chart tracks the percent of users that either did not recall installing the software or did not read the license agreement at all. As in our April 2004 report, these incredibly high rates reinforce our perception that WhenU’s distribution depends on the user’s lack of awareness.

If there is any good news in the data, it is that users are slowly becoming more aware of WhenU on their PCs. This may be due to WhenU’s efforts to clean up their act. In cases where WhenU is bundled, such as with BearShare,notification of the bundling has been made clearer and more explicit. In January, WhenU moved to an in-house sales force in order to prevent the abuses that resulted in the November 2004 security exploit mentioned above. (The graph above shows that exploit, as you might expect, caused a one-month increase in people that did not recall installing WhenU.)

Even with these recent improvements, almost three-quarters of WhenU users were not aware the application was installed and running when they tested at PC Pitstop. These numbers are many times higher than other downloaded applications, such as the AVG Antivirus that we used for comparision in our original survey. Yet WhenU maintains an unwavering insistence that all its users are given clear notice and must consent to the license agreements. There are several possible explanations for this discrepancy. For example, children using their parents computer may be clicking these dialogs. WhenU could address this assertion by providing information about the demographics of their users, the web sites where WhenU advertises, or the products that bundle WhenU.

Update–May 17, 2005:
The latest version of BearShare that bundles WhenU is much improved as far as disclosure goes. During installation there is a screen that provides a quick overview and sample ad. After installation, a popup window confirms that WhenU has been installed. The ad windows that pop up are co-branded with both WhenU and BearShare, which should help users understand the connection as well. We look forward to seeing how these changes will affect future awareness rates.

A Curious Product Strategy

In most software markets, a flat or declining installed base usually indicates a company that has discontinued selling its products. With few new installs to add to the base, it slowly declines as users uninstall the product–or simply upgrade to new PCs without reinstalling. Contrast that with WhenU, which has a falling installed base on a product still actively being distributed. This means that people are uninstalling the product at a faster rate than WhenU or its partners can convince, trick, or deceive people into installing it. Viewed another way, nearly all WhenU “users” are so dissatisfied that they remove this free product after just a short time. Our experience is that many users aren’t even sure how to uninstall applications and many others seldom do it even when they know how, so an uninstall rate this high is very unusual.

WhenU’s natural response to their critics has been to attack the validity of the research (Note: Adobe PDF file), but offer no research of their own that suggests that they truly obtain the user’s permission to install. Our research agrees with an AOL-NCSA Online Safety Study showing that users were not aware that this type of software was being installed on their system, and it also agrees with FTC comments from users that are fed up with unwanted software. If WhenU believes this independent research is wrong, it should conduct its own studies and publish the results. Either WhenU is ignoring the needs and wishes of its installed base through inaction, or it has actively decided to ignore them.

Want to get monthly tips & tricks?

Subscribe to our newsletter to get cybersecurity tips & tricks and stay up to date with the constantly evolving world of cybersecurity.

Related Articles

Botnets, Now What?

Just when I was becoming accustomed to using spyware removal tools and running the occasional Pitstop virus scan (few people keep their antivirus current these days), something new comes along.

Have you ever wondered why your machine seems like it’s operating in mud or is just ignoring you? Well that’s probably because it’s operating just fine for someone else. Yep, we’re talking Botnets. Botnets are using your CPU, draining your memory, just waiting to be told what to do by someone making money from your investment. You don’t mind do you?

Read More

PC Pitstop Top 25 Spyware and Adware

PC Pitstop has long been a source of information about unwanted software and how it spreads. Now we’re using our test results database to give you weekly updates about which programs are the most prolific. The prevalence numbers indicate the percent of PCs tested at PC Pitstop where we detected that file running. Our detection works by file name, so some products may be listed multiple times if they consist of two or more files. To check for spyware, adware, unneeded programs, and many other common PC problems, try PC Pitstop Exterminate or our full system scan.

Read More